Zitat von "Murray S. Kucherawy" <msk_at_blackops.org>:
> Changes since Beta0:
>
> - When walking an LDAP data source, don't escape the "*". Reported
> by Andreas Schulze.
>
> - Improve DB walk error reporting.
>
> - Minor man page tweaks.
>
> I plan to release this as 2.9.0 at the end of this month unless
> additional bugs or bug fixes are identified between now and then.
>
> -MSK
Hello,
1.
RFC 5617 / ADSP is changed to Historic state. There are many pieces of
code still handling ADSP in opendkim.
Removing that code should not be done in 2.9.x
I also know that many peaple dislike changed default setting. But I
would like to see it mentioned
in the release notes together with a clear suggestion how to disable
adsp: manually add "DisableADSP yes"
2.
An other point I found yesterday: ldap via SSL. To use ldaps I have to
tell the ldap library which certs are trusted. This may be done in a
file ~/.ldaprc or /etc/ldap/ldap.conf (see man 5 ldap.conf) But there
are other option too.
Postfix for example has code to set virtually any ldap parameter in a
consistent way, exactly like any other postfix option. But that would
be unnecessary here. I prefer a simpler solution: A config setting to
point opendkim to a ldaprc. This File is exported into a environment
"LDAPRC" used by opendkim. That way we could specify any ldap setting
in a configuration file dedicated to opendkim. Dovecot, the
IMAP-Server, solved the problem similar.
I attach a patch to demonstrate the function (the real part in
pseudocode only)...
Andreas
Received on Tue Dec 03 2013 - 12:07:47 PST